From 3a35c4c0594c04fb7fa2ec157e9a342e2ffd9fee Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 14 Nov 2022 22:57:52 +0100 Subject: l: init massulus.r --- krebs/3modules/lass/default.nix | 50 ++++++++++++++++++++++++++++++++++++----- 1 file changed, 44 insertions(+), 6 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 3e58fee1d..bb5b16135 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -1,12 +1,6 @@ with import ; { config, ... }: let - hostDefaults = hostName: host: flip recursiveUpdate host { - ci = true; - monitoring = true; - owner = config.krebs.users.lass; - }; - r6 = ip: (krebs.genipv6 "retiolum" "lass" ip).address; w6 = ip: (krebs.genipv6 "wiregrill" "lass" ip).address; @@ -592,6 +586,50 @@ in { syncthing.id = "CADHN7J-CWRCWTZ-3GZRLII-JBVZN4N-RGHDGDL-UTAJNYI-RZPHK55-7EYAWQM"; }; + massulus = { + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.0.113"; + ip6.addr = r6 "113"; + aliases = [ + "massulus.r" + ]; + tinc = { + pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApwYalnJ2E1e3WOttPCpt + ypNm2adUXS/pejcbF68oRvgv6NRMOKVkoFVEzdnCLYTkYkwcpGd+oRO91F+ekZrN + ndEoicuzHNyG6NTXfW3Sjj9Au/NoAVwOJxAztzXMBAsH5pi4PSiqIQZC4l6cyv2K + zUNm1LvW5Z5/W0J5XCUw3/B4Py7V/HjW9Yxe8MCaCVVP2kF5SwjmfQ+Yp+8csvU3 + F30xFjcTJjjWUPSkubgxtsfkrbbjzdMZhKldi3l9LhbYWD8O4bUTrTau/Emaaf6e + v5paVh9Kczwg7Ugk9Co3GL4tKOE2I7kRQV2Rg0M5NcRBUwfxkl6JTI2PmY0fNmYd + kdLQ1fKlFOrkyHuPBjZET1UniomlLpdycyyZii+YWLoQNj4JlFl8nAlPbqkiy8EF + LcHvB2VfdjjyBY25TtYPjFzFsEYKd8HQ7djs8rvJvmhu4tLDD6NaOqJPWMo7I7rW + EavQWZd+CELCJNN8eJhYWIGpnq+BI00FKayUAX+OSObYCHD1AikiiIaSjfDCrCJb + KVDj/uczOjxHk6TUVbepFA7C8EAxZ01sgHtUDkIfvcDMs4DGn88PmjPW+V/4MfKl + oqT7aVv6BYJdSK63rH3Iw+qTvdtzj+vcoO+HmRt2I2Be4ZPSeDrt+riaLycrVF00 + yFmvsQgi48/0ZSwaVGR8lFUCAwEAAQ== + -----END PUBLIC KEY----- + ''; + pubkey_ed25519 = "QwKNyv97Q2/fmPrVkgbGIhDTVW+uKu+F2enGCtZJgkM"; + port = 1655; + }; + }; + wiregrill = { + ip6.addr = w6 "113"; + aliases = [ + "massulus.w" + ]; + wireguard.pubkey = '' + 4wXpuDBEJS8J1bxS4paz/eZP1MuMfgHDCvOPn4TYtHQ= + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKH8lFXZ/d2NtqyrpslTGRNBR7FJZCJ6i3UPy0LDl9t7 "; + }; + phone = { nets = { wiregrill = { -- cgit v1.2.3 From 25a384254b15433dfeb67ec03ef7416b1baef5df Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 15 Nov 2022 00:02:44 +0100 Subject: l massulus.r: disable ci --- krebs/3modules/lass/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index bb5b16135..dd516428b 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -588,6 +588,7 @@ in { massulus = { cores = 1; + ci = false; nets = { retiolum = { ip4.addr = "10.243.0.113"; -- cgit v1.2.3 From 1db7318c3f4e8a50f07e45ae458ab8fcca6686cb Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 15 Nov 2022 15:48:15 +0100 Subject: lib.host: add consul option --- krebs/3modules/lass/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index dd516428b..ca0c757a3 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -10,6 +10,7 @@ in { }; hosts = mapAttrs (_: recursiveUpdate { owner = config.krebs.users.lass; + consul = true; ci = true; monitoring = true; }) { @@ -412,6 +413,7 @@ in { }; xerxes = { cores = 2; + consul = false; nets = rec { retiolum = { ip4.addr = "10.243.1.3"; @@ -632,6 +634,7 @@ in { }; phone = { + consul = false; nets = { wiregrill = { ip4.addr = "10.244.1.13"; @@ -647,6 +650,7 @@ in { syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ"; }; tablet = { + consul = false; nets = { wiregrill = { ip4.addr = "10.244.1.14"; @@ -661,6 +665,7 @@ in { ci = false; }; hilum = { + consul = false; cores = 1; nets = { retiolum = { @@ -836,6 +841,7 @@ in { }; lasspi = { + consul = false; cores = 1; nets = { retiolum = { @@ -879,6 +885,7 @@ in { }; domsen-pixel = { + consul = false; nets = { wiregrill = { ip4.addr = "10.244.1.17"; -- cgit v1.2.3 From 18adbab5ed2ba7f0bd0bc75e1e82d16ed33e7ab1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Wed, 19 Oct 2022 09:16:30 +0200 Subject: reaktor2 krebsfood: support poi and radius --- krebs/2configs/reaktor2.nix | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 41cfd7735..3dc3ce0a9 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -185,8 +185,9 @@ let }; } { - pattern = "18@p"; + pattern = ''^18@p\s+(\S+)\s+(\d+)m$''; activate = "match"; + arguments = [1 2]; command = { env = { CACHE_DIR = "${stateDir}/krebsfood"; @@ -202,9 +203,16 @@ let osm-restaurants = pkgs.callPackage "${osm-restaurants-src}/osm-restaurants" {}; in pkgs.writeDash "krebsfood" '' set -efu - ecke_lat=52.51252 - ecke_lon=13.41740 - ${osm-restaurants}/bin/osm-restaurants --radius 500 --latitude "$ecke_lat" --longitude "$ecke_lon" \ + poi=$(curl -fsS http://c.r/poi.json | jq --arg name "$1" '.[$name]') + if [ "$poi" = null ]; then + latitude=52.51252 + longitude=13.41740 + else + latitude=$(echo "$poi" | jq -r .latitude) + longitude=$(echo "$poi" | jq -r .longitude) + fi + + ${osm-restaurants}/bin/osm-restaurants --radius "$2" --latitude "$latitude" --longitude "$longitude" \ | ${pkgs.jq}/bin/jq -r '"How about \(.tags.name) (https://www.openstreetmap.org/\(.type)/\(.id)), open \(.tags.opening_hours)?"' ' ''; -- cgit v1.2.3 From 42f6b8ce03f2591cd1cefb23b6c0cf4a0438defd Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 17 Nov 2022 21:46:50 +0100 Subject: nixpkgs: 1b47226 -> 6474d93 --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index a06b47fb1..f836f63f9 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "1b4722674c315de0e191d0d79790b4eac51570a1", - "date": "2022-10-31T23:14:26+01:00", - "path": "/nix/store/byvkpdxd5pwixshrfrxgl0z2xc9y9hcs-nixpkgs", - "sha256": "0ykbqcfwx338m1jcln9pj629byxbyr448d88wsryp8sf6p611cv2", + "rev": "6474d93e007e4d165bcf48e7f87de2175c93d10b", + "date": "2022-11-16T11:41:31+01:00", + "path": "/nix/store/z86f31carhz3sf78kn3lkyq748drgp63-nixpkgs", + "sha256": "00swm7hz3fjyzps75bjyqviw6dqg2cc126wc7lcc1rjkpdyk5iwg", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From 8df09756e3c11cfa000445067749cf7de7d16e9f Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 17 Nov 2022 22:38:23 +0100 Subject: nixpkgs-unstable: d40fea9 -> b457130 --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index cd0c57f92..a5d67f2fc 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "d40fea9aeb8840fea0d377baa4b38e39b9582458", - "date": "2022-10-31T16:44:53+01:00", - "path": "/nix/store/6z1f9z44ljsxvn0kzlpz03a5m7lbh096-nixpkgs", - "sha256": "1ikpccnyi0b7ql6jak4g3wl4876njybpvknfs6gin461xjp5fi24", + "rev": "b457130e8a21608675ddf12c7d85227b22a27112", + "date": "2022-11-16T11:03:19+00:00", + "path": "/nix/store/jr123qfmrl53imi48naxh6zs486fqmz2-nixpkgs", + "sha256": "16cjrr3np3f428lxw8yk6n2dqi7mg08zf6h6gv75zpw865jz44df", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, -- cgit v1.2.3 From 548fb5b41cd07c464ec7dc1ca5ab262b7f22b2d1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 18 Nov 2022 14:29:42 +0100 Subject: pkgs.ergo: use upstream --- krebs/5pkgs/simple/ergo/default.nix | 23 ----------------------- 1 file changed, 23 deletions(-) delete mode 100644 krebs/5pkgs/simple/ergo/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/ergo/default.nix b/krebs/5pkgs/simple/ergo/default.nix deleted file mode 100644 index 2c9223eed..000000000 --- a/krebs/5pkgs/simple/ergo/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ buildGo117Module , fetchFromGitHub, lib }: - -buildGo117Module rec { - pname = "ergo"; - version = "2.9.1"; - - src = fetchFromGitHub { - owner = "ergochat"; - repo = "ergo"; - rev = "v${version}"; - sha256 = "sha256-RxsmkTfHymferS/FRW0sLnstKfvGXkW6cEb/JbeS4lc="; - }; - - vendorSha256 = null; - - meta = { - description = "A modern IRC server (daemon/ircd) written in Go"; - homepage = "https://github.com/ergochat/ergo"; - license = lib.licenses.mit; - maintainers = with lib.maintainers; [ lassulus tv ]; - platforms = lib.platforms.linux; - }; -} -- cgit v1.2.3 From b25095866d498c0447801dc68e83a40c95df1a3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 20 Nov 2022 21:09:11 +0100 Subject: mic92: add host ruby --- krebs/3modules/external/mic92.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 35e72ec2a..2a3604b25 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -929,5 +929,30 @@ in { }; }; }; + + ruby = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + aliases = [ "ruby.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAzqrguDMHqYyidLxbz3jsQS3JVNCy0HaN6wprT1Ge1Anf5E8KtuXh + M9IjYPShzzJ162rYaJdd2lBmc5o435j+0/Gg5pySILni9bILhuRr7TMWN0sjNbgr + x0JRbpMmpW5DOmQx1BSyA+LLNbyVVnCc1XI0P2EaRr1ZrRSU0bpE/7kJ//Zt7ATu + GfqJTuL2aqap12VMKAfjRByyXA9V7szJMRom2Ia3cWSXhie1E0OOvCNT+InKXx4c + QbEGX71noCgsNgxbD8AVSwMnNV15vdnbgwK/1QzA0Cep1uxFS05TXJZLZTjcGwG0 + Kp0kEjntq1rCqgdoUHIubNB17efU/oP6aSrdfvtgeYBjn0zSLHSUYdhf3JHd1Fvf + Ov2TwHxt/sm8d91UjhrkYwjf2nzSruAklYDnIDJiHgLFoT5WuOoVlnfUjRpQEw44 + kp8KXsd24Y0UT5XJO5cQA+kZ1vl2ktHbQGTqYuYDB2FKEnBR/JIwJzJfugcGiyRx + OukQ2/rjnS60JA2pHUEfoezIAMhYAF+EPgOgMcNSSRYUVBpPVKD26oGTrNn0AtnO + ALW1vqUDwxb0cpv877vN1VfqvLE8n8Zgtt7itdT0+vxNPxICvF6//LNYUeDoQ3pj + w+1ZSdYZsvIQ7tDcilnL0hU5/nfsSIbHV+ceuLde1xDt5c7Tnl4v/U0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "TV9byzSblknvqdUjQCwjgLmA8qCB4Tnl/DSd2mbsZTJ"; + }; + }; + }; }; } -- cgit v1.2.3 From 6db1863a27857f92303322c3502505d541b6241f Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 14:28:25 +0100 Subject: init pkgs.stable-generate --- krebs/5pkgs/simple/stable-generate/default.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 krebs/5pkgs/simple/stable-generate/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stable-generate/default.nix b/krebs/5pkgs/simple/stable-generate/default.nix new file mode 100644 index 000000000..495007397 --- /dev/null +++ b/krebs/5pkgs/simple/stable-generate/default.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: + +pkgs.writers.writeDashBin "stable-generate" '' + set -efu + + STABLE_URL=''${STABLE_URL:-http://stable-confusion.r} + + PAYLOAD=$(jq -cn --arg query "$*" '{fn_index: 51, data: [$query,"","None","None",20,"Euler a",false,false,1,1,7,-1,-1,0,0,0,false,512,512,false,0.7,0,0,"None","",false,false,false,"","Seed","","Nothing","",true,false,false,null,"",""], session_hash: "hello_this_is_dog"}') + + data=$(curl -Ssf "$STABLE_URL/run/predict/" \ + -X POST \ + --Header 'Content-Type: application/json' \ + --data "$PAYLOAD" + ) + export data + + filename=$(jq -rn 'env.data | fromjson.data[0][0].name') + + echo "$STABLE_URL/file=$filename" +'' -- cgit v1.2.3 From ad40a2e283f35a80b958bf33ce1635a1b5e4874d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 15:04:30 +0100 Subject: ergo: use ergochat package --- krebs/3modules/ergo.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/ergo.nix b/krebs/3modules/ergo.nix index 50c5ab628..d5f167e79 100644 --- a/krebs/3modules/ergo.nix +++ b/krebs/3modules/ergo.nix @@ -122,7 +122,7 @@ # reloadIfChanged = true; restartTriggers = [ configFile ]; serviceConfig = { - ExecStart = "${pkgs.ergo}/bin/ergo run --conf /etc/ergo.yaml"; + ExecStart = "${pkgs.ergochat}/bin/ergo run --conf /etc/ergo.yaml"; ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID"; DynamicUser = true; StateDirectory = "ergo"; -- cgit v1.2.3 From b2f8ffb920466663f6b48b1cefcbf336b700bff4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 15:07:31 +0100 Subject: stable-generate: set PATH --- krebs/5pkgs/simple/stable-generate/default.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stable-generate/default.nix b/krebs/5pkgs/simple/stable-generate/default.nix index 495007397..23e4cfc8e 100644 --- a/krebs/5pkgs/simple/stable-generate/default.nix +++ b/krebs/5pkgs/simple/stable-generate/default.nix @@ -1,8 +1,13 @@ -{ pkgs, ... }: +{ pkgs, lib, ... }: pkgs.writers.writeDashBin "stable-generate" '' set -efu + export PATH=${lib.makeBinPath [ + pkgs.curl + pkgs.jq + ]} + STABLE_URL=''${STABLE_URL:-http://stable-confusion.r} PAYLOAD=$(jq -cn --arg query "$*" '{fn_index: 51, data: [$query,"","None","None",20,"Euler a",false,false,1,1,7,-1,-1,0,0,0,false,512,512,false,0.7,0,0,"None","",false,false,false,"","Seed","","Nothing","",true,false,false,null,"",""], session_hash: "hello_this_is_dog"}') -- cgit v1.2.3 From be3762d35106bff34c24987fdc2c3fc3d44a54c5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 15:29:07 +0100 Subject: reaktor2: add !confuse --- krebs/2configs/reaktor2.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'krebs') diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 3dc3ce0a9..6768a2004 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -51,6 +51,29 @@ let }; }; + confuse = { + pattern = "^!confuse (.*)$"; + activate = "match"; + arguments = [1]; + command = { + filename = pkgs.writeDash "confuse" '' + set -efu + export PATH=${makeBinPath [ + pkgs.coreutils + pkgs.curl + pkgs.gnused + pkgs.stable-generate + ]} + stable_url=$(stable-generate "$@") + paste_url=$(curl -Ss "$stable_url" | + curl -Ss https://p.krebsco.de --data-binary @- | + tail -1 + ) + echo "$_from: $paste_url" + ''; + }; + }; + taskRcFile = builtins.toFile "taskrc" '' confirmation=no ''; @@ -218,6 +241,7 @@ let ''; }; } + confuse bedger-add bedger-balance hooks.sed -- cgit v1.2.3 From b7ea134764d642a1f9f97454caccf01ffa61c653 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 16:02:33 +0100 Subject: reaktor2 18@p: fix PATH --- krebs/2configs/reaktor2.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 6768a2004..3e88c0899 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -226,6 +226,12 @@ let osm-restaurants = pkgs.callPackage "${osm-restaurants-src}/osm-restaurants" {}; in pkgs.writeDash "krebsfood" '' set -efu + export PATH=${makeBinPath [ + osm-restaurants + pkgs.coreutils + pkgs.curl + pkgs.jq + ]} poi=$(curl -fsS http://c.r/poi.json | jq --arg name "$1" '.[$name]') if [ "$poi" = null ]; then latitude=52.51252 @@ -235,9 +241,8 @@ let longitude=$(echo "$poi" | jq -r .longitude) fi - ${osm-restaurants}/bin/osm-restaurants --radius "$2" --latitude "$latitude" --longitude "$longitude" \ - | ${pkgs.jq}/bin/jq -r '"How about \(.tags.name) (https://www.openstreetmap.org/\(.type)/\(.id)), open \(.tags.opening_hours)?"' - ' + osm-restaurants --radius "$2" --latitude "$latitude" --longitude "$longitude" \ + | jq -r '"How about \(.tags.name) (https://www.openstreetmap.org/\(.type)/\(.id)), open \(.tags.opening_hours)?"' ''; }; } -- cgit v1.2.3 From da52ed6d8233839a4f5b5527b773a43e84015e53 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 23:31:46 +0100 Subject: matterbridge: simplify --- krebs/2configs/matterbridge.nix | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/matterbridge.nix b/krebs/2configs/matterbridge.nix index a68aa292c..b96dea300 100644 --- a/krebs/2configs/matterbridge.nix +++ b/krebs/2configs/matterbridge.nix @@ -10,14 +10,10 @@ Charset = "utf-8"; }; telegram.krebs.Token = bridgeBotToken; - irc = let + irc.hackint = { + Server = "irc.hackint.org:6697"; + UseTLS = true; Nick = "ponte"; - in { - hackint = { - Server = "irc.hackint.org:6697"; - UseTLS = true; - inherit Nick; - }; }; gateway = [ { -- cgit v1.2.3 From e533961536b6b41f4758c0db117240eb551dc892 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 23:34:30 +0100 Subject: l: rotate yubikey pubkey --- krebs/3modules/lass/pgp/yubikey.pgp | 144 ++++++++++++++++++++++++------------ 1 file changed, 96 insertions(+), 48 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/lass/pgp/yubikey.pgp b/krebs/3modules/lass/pgp/yubikey.pgp index d7b3c29c5..be1054048 100644 --- a/krebs/3modules/lass/pgp/yubikey.pgp +++ b/krebs/3modules/lass/pgp/yubikey.pgp @@ -58,52 +58,100 @@ D7u4ShvPtxqFf+mv/4eHYx2akBIIUQYAf5OYGnE3E0kqiuK4qHKgt1NI5z1mSd9D duWIuoRbBUrApTKsHgwtMxNrNVioGIE1dTRuu56drhwY2ZPyzVtSb7q/hRU/a3UZ 5S6EsrmDGIIlAHrgKfKfuerESE5VzN1Nn3QHpfjwX+gq51cosTqlRiu4oMesPk31 ZmPcuG6H/m7nGagX9+l00sDsqISqMG4lZCJAFa020OS/g6V3q6LCqggky6+4sQTG -5HB8jGba2tXMSQfBQEtDFve6agiRTw8z1V8s1gPCMmPhsLi5Ag0EXaJN1gEQANML -yxoeknGlTtkG640UP5ZkUEojwXxlni3v2dpWEaEJO9yqvkELCWum5pRz+iDzoDFS -lUPnP3YKVFkLbAlk56abIAQ6VK7wkOSHCw1F7LlCY830bRkgGJ8/b8us9KpET6Am -ei7OGYVtqNBUodEJi6XkH5q9RLQeVR+7ynt0LTAxO/mMFYc3nhccrhadubhh5rTd -e/UcxBL/zYx8tCBy2F4ep6Anx02HOauTwaqk4KLhB9IcdS8sJQHFY7iEVWNcovwF -8luGEGPJOdOPTMZz4jD4aWFqbT6ragWaG8tisLEe9UhET2LL3r/4DIgAJY4bwg5T -ZyK/1j+Nj1IyYkQ9A6YF96Y5XCi9DF0MYq9NytWNnMCT8F4QCCDRWhgql714/Er/ -qfwnT2M6m8P4OS1sAHv5vDDYXezB0WrJNstYvhtHhi4ctuolBuwOb7nyIBlZovhk -5/6IAFmoUprfGHOuttEcPTRDGv737cR1cYaz5QMuz2svNU3ivI/tYfIQwMAjv84A -ZN2wl63QkghYo/dm9a5Ex78CNwZD/z7HOE3zD+Rd0C9/hXLpVVhN0mKmDzgJHPUo -VDk//P3YgzM+dtUWWPJ1FfaTz2543V9MwVWUJQj0DIgl4noLHX3wkd/d4gYGAhlW -kBxkbQPJ4NT7EKBFk44fa6DVuGOGatBAxKQq1GftABEBAAGJAjwEGAEKACYCGwwW -IQTbzXV4RgabOS6pQB1mV76KjR7oBwUCX4l2DwUJBamPOQAKCRBmV76KjR7oB/Ds -D/96TGfHa6BW1v2kUyHUKmpdk62UhZz49nTsOu1JeMI2cDMLkKaPyeKLsRpzV2qc -OoG1dal7dgjtzKsWdz0HxrrbEs0rBJO4xOmg12Sv9fttTocTt2bQMe3d20Vihbi+ -NDEx2PeyncYulDd8PNfDkh8vWUJQoThqimXoVARwKNuH2oDytGceIp+BZLOH8HRz -0ESH9nCAGw3gVX6vQPtjbMgoIXHAnAJkIe2boyyUHu2ZmD6CGjxGSSICMzShcDvN -kcyPKG5BbOGRpbehaMcOOiGH0NsudUPOsyxQt90bP/U+WHPhvOTGk0PqGaOf8QDE -saGlChd3wVK+uCGl60szcxQsbgzlEQVUG3tTW4QGfzL3XK5bHvuGj03Vb45005Y4 -6UCUP4ZkEYDsw1Hrn5bkPOP/Pc8Sz1MQt+nw1U3QXbHLxLb8fB82B6oDMakHPgaw -73HxYwbaXDswBb6BVTc86RmXRH1+StObDiJp+h16EqdsSyp15tSM80GRf1KaNKxc -MA4N7/i7j9M/z2fKWT7vTAGdcg8vhZH0MDQ9vRmYsuQZtoNieZVXnyQ/ILAgPhiL -pdyPffQV0BpWKd68C8kEhoMP0D3h6Uj88ZOuapyOCvsrBvR7SQOVh+L+KMjh1Xgx -WvPJuoU4Jox4og85/Gz0Ui8EROYyHg5yqPqsBBmz6h8F7rkCDQRdok4KARAAyG97 -rjKhP8Uie1i/16SekDo+GkpodBmvhrZiZdwg75YxriHhgioe2AKKmQItOdZOY+mV -qMA63FmByDlPodHmQnrIAn/gr7p5V3lM+l0oVTI8maPO39iT7Nh6W/rv4ni8eMBk -L6P2cPPaTpcv76qWl/WcMiEflPNSAFaxyIapq04rafthcIILWmOBbQ+liMn9YT7a -6w3nF/Ig4Zxx7hoQE6/HrTC8HcENpCAceQQYAqIrlu8F5y1AQVWHjtyCPee1z/8l -PNnPg40lSbXozg5kQDP965Pge6XReUoUVVRcgeiSUfkHdYPIkh/tkFy1MtzTNize -buadqE41Ds6BD1maO5cpGc5iFnf+YY01vWIhwvgPMbAsUKrPOw/RyvYSwOrnWegh -pKuIRv+sBcDY0jJ799CHB2c8eiAYoTRm64rKyYS8RIilqTCmIHnpoSIq3n1wOlMV -X4sB4N4CfAZRAbI9LZfx1QEYn0dst9+mCDRJ/ALBxocKz0wRTpwU5nwP1Zz9TZVh -81wn1Ypj+mFb3aBggpwMLxbifmbsZmd1MwW9k3p2WTs8M1dLFM2ZNA9QmkgRSVFN -6GTTpAyDOs+ZSGYM7MisG9/EvFbNx2BPg6qZH7JeMnlOZXXOg8K5VcLkiGuL1brO -Hlg94Axha8ffMmqjsde6XOAgvSl5P9k47SWOcZkAEQEAAYkCPAQYAQoAJgIbIBYh -BNvNdXhGBps5LqlAHWZXvoqNHugHBQJfiXYPBQkFqY8FAAoJEGZXvoqNHugHuLUP -+gJ01mSEs3+0jriWqg7V+Q59rulMVrUdV2mjBtzz3gvF9PLiEnVEl7EgGdLpVIr/ -Wr9QIiUnS1NNrDz8oeDf54Q+OXtQOiczGClK+yWSm/CM02+HATFws66umAl4GQ4X -qAJwdSDDKIHCP1/0VqXNQUOWW0GCCGCAdn55u4pf+B1rmkA3cWhN51SvAriA/YcG -qmyJZgXO+qZOPWNHxNUdgq9lVEO132dhDzH1b9ufnvQMDxF2V681fQ7E3zWEJZZb -YLRB4jrSz8oxipGRGKgDLiR7lyQ/xRU161jSawblBTcIRXK9c4hv178xQWAInMjt -Hst4YCpvclG26ypZLCzvw6swfnXf3A6Q4A8pZQVvogWZ01dlgofwHm8qlYxT7wSq -eicOu3FkSHD8vNwkXnMLqxwkFr4BcSefzCiXulyMcb3h67ZfXAYAFGrrR581vGEt -Xy+xfXK5PqBX7CWEl3Vs2an9whEncZuv1I9iyXDUmGP7Y373JjqNtpS2GMMPA73k -nB7eI/zpVS5qoxUlqw35Pldvt+L4E3hvrvE7iZE3w4lB9WUyY1OnSRDU10l2rqWt -Ptyk3LE2ed5hz5I+gy8/RsXrAooMBXIGV/GJrhye45wf5F/XQqPulnj38sKhmrQC -QTubPgJwG/kTpNdrA3YukE3E7T5ejaGTT2n5nKat6bj7 -=h9fX +5HB8jGba2tXMSQfBQEtDFve6agiRTw8z1V8s1gPCMmPhsLiJBGwEGAEKACACGwIW +IQTbzXV4RgabOS6pQB1mV76KjR7oBwUCY1E8SAJAwXQgBBkBCgAdFiEEVAotn4qI +hqe83vdsfheGip18nM8FAl2iTZIACgkQfheGip18nM9DVxAAuqX7iztddbttkIfN +65R5XJPjz7NRg0AI8G+1qnkvF3c2ufNjL++BJSvlbi/2ov92S+0CPF08E4kDsHjA +/JM782D6lDfSZltW4YBBqkJZdtiPElcIqIhM6EX7fs3Ag/RjUVPb4tYkH20xcNhy +l+0RdBuSvR0+KOXXBfoNmsyQM4/hUKiWW3vGOZOBmYPNcvAQcMs+p4D5JHQcOyxg +tXyiXU/VxvUWI7cH6I7daRDTFR3L4zXoIrRwqEgxIqof2Zm4smoHDLfXxGQrcjj6 +eKkn/gt/T7qYxnhcG5guS2DwIay5c7xV1xuB7pDgM1On56heD21DI4vtXXnTkjo7 +/6hsw2e6TBcn295fEekvBupYVwazefBSlr2f3xxlDvd35D5tWZRVGspzxO15DcTa +TglOeNtRnYGRwHwE/tiJ0G0uwGfvaI0xeexuhnTfvEkpJ4SJ/iMl+FpOw7I35H7m +z8MrRNMjtR+Es8gzuw7hNErmbh0SLZvddoPnqt9kF8ayA1iz1X9KiBkkj3EbvI99 +jYjdDDm5lsxCZKLSX4r9Mp236K6DMGlifRN2AfdXziXhPABQkKE5m7kcn1gALn9M +cg5HgeXTdxan6QP35ygDtmNldJGEP+AWAZ4RwaFK8P3/oqQ/8XhnkwH5n2SPd8WQ +qnldvrtajUzUegvJUstLS5B1TFQJEGZXvoqNHugHrtcP+waicH+WhpbvPoHJW//U +c7IwcrsOpWNuh0gKV1+LvBV9dGzGZDlhwsncMeNzT8tnxDwhD1CiJ1uzO2H1m+yX +CeljVnYFlP0sl9IT/AiV8NNiuaIpOc5RjRY1yvOZ017/J7Hyhnaw0iap1vNDNOwH +t7tzB1PvM3p6an4Jh0AJZF5adReQTbi9Zw7MW2Yf0XHTT4rFX+Mn5gcuvsV9n39d +6U3k5G6Hf1bSROsXNVwOwF6VbO8NvBm6ehgNyRcGsino/f82HRwvnQPhJgEakZ1h +WWUUnakK14mRRMUns8CMNfFh+50ciK1Q8kAVgYLVA1H1NXM0+68YZMl5CiiaD3pM +17flwcWUdkIu3uWAvc3hSCNw6i9F4Kx1yD/ZdiT0vBapa3ehUXIo5g79NcFl9xnQ +fnYG+nnl2bLZSHP8b+LZsGivOEZuBHoR2ComeTqqJxeT8ZsEdtLcloaSaf2Em2xf +b9OfhGOC7hKfS4HAlLFbEydWuZuA8EpTXd6eqINCFbOb9BjpKvSCCLs5S3s7T4WE +FQB7yHXQQgB1EzYaJxFZstkiD8exu/hiWfwVLaho09QbtPmt2u1lvbxiSxtCdphi +hoKc6wjhD8F9YM5xxitcF7iAV7oEDZ/1JVkvi/1gWFgW0UmEKuy2KN/Eb/mr41NJ +bMauCCfjnCbAzoW6dhHpbO45uQINBF2iTdYBEADTC8saHpJxpU7ZBuuNFD+WZFBK +I8F8ZZ4t79naVhGhCTvcqr5BCwlrpuaUc/og86AxUpVD5z92ClRZC2wJZOemmyAE +OlSu8JDkhwsNRey5QmPN9G0ZIBifP2/LrPSqRE+gJnouzhmFbajQVKHRCYul5B+a +vUS0HlUfu8p7dC0wMTv5jBWHN54XHK4Wnbm4Yea03Xv1HMQS/82MfLQgctheHqeg +J8dNhzmrk8GqpOCi4QfSHHUvLCUBxWO4hFVjXKL8BfJbhhBjyTnTj0zGc+Iw+Glh +am0+q2oFmhvLYrCxHvVIRE9iy96/+AyIACWOG8IOU2civ9Y/jY9SMmJEPQOmBfem +OVwovQxdDGKvTcrVjZzAk/BeEAgg0VoYKpe9ePxK/6n8J09jOpvD+DktbAB7+bww +2F3swdFqyTbLWL4bR4YuHLbqJQbsDm+58iAZWaL4ZOf+iABZqFKa3xhzrrbRHD00 +Qxr+9+3EdXGGs+UDLs9rLzVN4ryP7WHyEMDAI7/OAGTdsJet0JIIWKP3ZvWuRMe/ +AjcGQ/8+xzhN8w/kXdAvf4Vy6VVYTdJipg84CRz1KFQ5P/z92IMzPnbVFljydRX2 +k89ueN1fTMFVlCUI9AyIJeJ6Cx198JHf3eIGBgIZVpAcZG0DyeDU+xCgRZOOH2ug +1bhjhmrQQMSkKtRn7QARAQABiQI8BBgBCgAmAhsMFiEE2811eEYGmzkuqUAdZle+ +io0e6AcFAl+Jdg8FCQWpjzkACgkQZle+io0e6Afw7A//ekxnx2ugVtb9pFMh1Cpq +XZOtlIWc+PZ07DrtSXjCNnAzC5Cmj8nii7Eac1dqnDqBtXWpe3YI7cyrFnc9B8a6 +2xLNKwSTuMTpoNdkr/X7bU6HE7dm0DHt3dtFYoW4vjQxMdj3sp3GLpQ3fDzXw5If +L1lCUKE4aopl6FQEcCjbh9qA8rRnHiKfgWSzh/B0c9BEh/ZwgBsN4FV+r0D7Y2zI +KCFxwJwCZCHtm6MslB7tmZg+gho8RkkiAjM0oXA7zZHMjyhuQWzhkaW3oWjHDjoh +h9DbLnVDzrMsULfdGz/1Plhz4bzkxpND6hmjn/EAxLGhpQoXd8FSvrghpetLM3MU +LG4M5REFVBt7U1uEBn8y91yuWx77ho9N1W+OdNOWOOlAlD+GZBGA7MNR65+W5Dzj +/z3PEs9TELfp8NVN0F2xy8S2/HwfNgeqAzGpBz4GsO9x8WMG2lw7MAW+gVU3POkZ +l0R9fkrTmw4iafodehKnbEsqdebUjPNBkX9SmjSsXDAODe/4u4/TP89nylk+70wB +nXIPL4WR9DA0Pb0ZmLLkGbaDYnmVV58kPyCwID4Yi6Xcj330FdAaVinevAvJBIaD +D9A94elI/PGTrmqcjgr7Kwb0e0kDlYfi/ijI4dV4MVrzybqFOCaMeKIPOfxs9FIv +BETmMh4Ocqj6rAQZs+ofBe6JAjYEGAEKACACGwwWIQTbzXV4RgabOS6pQB1mV76K +jR7oBwUCY1E8SAAKCRBmV76KjR7oBwM+D/0evufvIWftzdge63hol1k4LdZSiSD9 +bh+h8fb/Mm+2HIS8RweHr1+CS8CW/Om9MJoW0ZDsCmC0vU44/vLL3JzbP4+BDuVF +dky1XX/9Z73Fn/LpakITyXd6YJMsknzAA4ZEzhe4uModNSH5IU818I+/Vyvbe1nX +Hfg2FYva4zVn9E5Gd4vpHBF7D99dGg0vUINtux06WKfdsDB59MiZxCSWfqty+yTM +XWwh5fuFIxwjlkKVdrb45101MnUtzJDmxwPxjOpF+z2tJ0qIvs6Zu6FDEh7fcaJM +mKAPtVXKRxTYaS6j7fpNk5ACFgiHDb+0mI60fH0eiQSqp9Q7cyYbt1yiW2bKY4Pg +qDOtcLT+uIYYVmxBHTLx38gT3Gp83O7WqNZ9ouctIXAXHWwTNsKzMhwgaEmmPbkP +7VO8oZZ9hVphirmijgNO1Oz7Qqh5ORYwsGdvYtbPXD4ZUSpqFT5bTMHS5TKPHf70 +5alkwYuwYfLs4m2zYsKadQ+vq12ZX7Z6+DbjfzWAEhzqLP2Y8yGnFSBSmULsALnj +Zg3RN5sxJe3fhTze09Fm8OTopTLoDH5fR91VPhRLGHahvV1Sm/H4ZdtAXTPsHP20 +phAc8mK2DgEM0k7vDO5RtV4xTLjBopiciXIBL+TzCKGmDRX2+9nTyF3Kx9qjN52H +EFFJ1mTed/J7VrkCDQRdok4KARAAyG97rjKhP8Uie1i/16SekDo+GkpodBmvhrZi +Zdwg75YxriHhgioe2AKKmQItOdZOY+mVqMA63FmByDlPodHmQnrIAn/gr7p5V3lM ++l0oVTI8maPO39iT7Nh6W/rv4ni8eMBkL6P2cPPaTpcv76qWl/WcMiEflPNSAFax +yIapq04rafthcIILWmOBbQ+liMn9YT7a6w3nF/Ig4Zxx7hoQE6/HrTC8HcENpCAc +eQQYAqIrlu8F5y1AQVWHjtyCPee1z/8lPNnPg40lSbXozg5kQDP965Pge6XReUoU +VVRcgeiSUfkHdYPIkh/tkFy1MtzTNizebuadqE41Ds6BD1maO5cpGc5iFnf+YY01 +vWIhwvgPMbAsUKrPOw/RyvYSwOrnWeghpKuIRv+sBcDY0jJ799CHB2c8eiAYoTRm +64rKyYS8RIilqTCmIHnpoSIq3n1wOlMVX4sB4N4CfAZRAbI9LZfx1QEYn0dst9+m +CDRJ/ALBxocKz0wRTpwU5nwP1Zz9TZVh81wn1Ypj+mFb3aBggpwMLxbifmbsZmd1 +MwW9k3p2WTs8M1dLFM2ZNA9QmkgRSVFN6GTTpAyDOs+ZSGYM7MisG9/EvFbNx2BP +g6qZH7JeMnlOZXXOg8K5VcLkiGuL1brOHlg94Axha8ffMmqjsde6XOAgvSl5P9k4 +7SWOcZkAEQEAAYkCPAQYAQoAJgIbIBYhBNvNdXhGBps5LqlAHWZXvoqNHugHBQJf +iXYPBQkFqY8FAAoJEGZXvoqNHugHuLUP+gJ01mSEs3+0jriWqg7V+Q59rulMVrUd +V2mjBtzz3gvF9PLiEnVEl7EgGdLpVIr/Wr9QIiUnS1NNrDz8oeDf54Q+OXtQOicz +GClK+yWSm/CM02+HATFws66umAl4GQ4XqAJwdSDDKIHCP1/0VqXNQUOWW0GCCGCA +dn55u4pf+B1rmkA3cWhN51SvAriA/YcGqmyJZgXO+qZOPWNHxNUdgq9lVEO132dh +DzH1b9ufnvQMDxF2V681fQ7E3zWEJZZbYLRB4jrSz8oxipGRGKgDLiR7lyQ/xRU1 +61jSawblBTcIRXK9c4hv178xQWAInMjtHst4YCpvclG26ypZLCzvw6swfnXf3A6Q +4A8pZQVvogWZ01dlgofwHm8qlYxT7wSqeicOu3FkSHD8vNwkXnMLqxwkFr4BcSef +zCiXulyMcb3h67ZfXAYAFGrrR581vGEtXy+xfXK5PqBX7CWEl3Vs2an9whEncZuv +1I9iyXDUmGP7Y373JjqNtpS2GMMPA73knB7eI/zpVS5qoxUlqw35Pldvt+L4E3hv +rvE7iZE3w4lB9WUyY1OnSRDU10l2rqWtPtyk3LE2ed5hz5I+gy8/RsXrAooMBXIG +V/GJrhye45wf5F/XQqPulnj38sKhmrQCQTubPgJwG/kTpNdrA3YukE3E7T5ejaGT +T2n5nKat6bj7iQI2BBgBCgAgAhsgFiEE2811eEYGmzkuqUAdZle+io0e6AcFAmNR +PEgACgkQZle+io0e6AfQpg/+K0gD0WVyXYLOEM6jCvtz5/f9nDQnqj90ck9VfpuN +QG+cMSK/u3T4ya0k3UDWxEyRih0BzChOlmwnaupBwN7ZbYAzxM0sglwseSdAPpCE +s63RTnaAxpSWFocsUxtJngSoPnnmD1fVbWL3/j9j6jZkT4NB/l2ekDngMyRqt104 +BmabaLdz44X1VDgg0tXyACkZ8c/8ISBOoPSFg2n9FuCmhI9Atu6hjCFQZOA/youA +fXzeUxU3iFw5UhyNP084jZ9AK2xwp+rB3JzvzMdiqO3OBFemuiU4/ZKQKFg5a/n4 +UAZtO8V2DGe76o1N9uFUvQ41RSAXolPUOTXiZvP4GfiGIhJUXV96QaPHhKWybKlr +4MWG5PpwfuWnGoP8vXtLmz2TDRUfEBOQBzYRBRvXmzekq8nFQCM7dGofLLEchMRv +lYHab2fquGmXiY3LfzyQX+vS3FO9/m2POJcdXcQvSq4MXIzOEzXnJKw5HemfZ3ae +/AlTTfE4og/AYLwacECY6CZqUFOYtQeVx9hSXV97XnoKotde66D4RyFgzFbsIBM/ +bA5qyvdpKb60hqjpj/rhXjlnhH8KwAwOlaPVgI1cgnW8uJTElJEtqHPhuRkU6y9f +au4EZ+tsmaxJ0whuziG1/3LJ62AIM9ZpixDEj4GQYaRdkFrx/1IKiUOlw5GQC3y2 +zxs= +=MmP2 -----END PGP PUBLIC KEY BLOCK----- -- cgit v1.2.3 From a8e04485cd0d3bc1c7ff7386a02eeb4c2b2bfe44 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 23:55:29 +0100 Subject: shack doorstatus: get doorstatus on extra line --- krebs/2configs/shack/doorstatus.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/2configs/shack/doorstatus.sh b/krebs/2configs/shack/doorstatus.sh index 46314cb9c..aa6c1c3d1 100755 --- a/krebs/2configs/shack/doorstatus.sh +++ b/krebs/2configs/shack/doorstatus.sh @@ -54,7 +54,8 @@ Herr makefu an Kasse 3 bitte, Kasse 3 bitte Herr makefu. Der API Computer ist ma EOF ) -state=$(curl -fSsk https://api.shackspace.de/v1/space | jq .doorState.open) +payload=$(curl -fSsk https://api.shackspace.de/v1/space) +state=$(printf '%s' "$payload" | jq .doorState.open) prevstate=$(cat state ||:) if test "$state" == "$(cat state)";then -- cgit v1.2.3 From c6722a692ee47e1316a05f5cb6839c4a11ebbd3f Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 23:57:14 +0100 Subject: news-host: use DHCP, remove puyak --- krebs/2configs/news-host.nix | 3 --- 1 file changed, 3 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix index b7728986f..07674c86e 100644 --- a/krebs/2configs/news-host.nix +++ b/krebs/2configs/news-host.nix @@ -4,10 +4,7 @@ "shodan" "mors" "styx" - "puyak" ]; - hostIp = "10.233.2.101"; - localIp = "10.233.2.102"; format = "plain"; }; } -- cgit v1.2.3 From 8c65e4061ab0bae2a8b921b3939c6a1917583e3b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Nov 2022 23:58:35 +0100 Subject: hashPassword: use nixpkgs writers --- krebs/5pkgs/simple/hashPassword/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/hashPassword/default.nix b/krebs/5pkgs/simple/hashPassword/default.nix index 3c604be80..8d3ba2525 100644 --- a/krebs/5pkgs/simple/hashPassword/default.nix +++ b/krebs/5pkgs/simple/hashPassword/default.nix @@ -1,6 +1,6 @@ { lib, pkgs, ... }: -pkgs.writeDashBin "hashPassword" '' +pkgs.writers.writeDashBin "hashPassword" '' # usage: hashPassword [...] set -euf -- cgit v1.2.3 From 43e65c94a13d276798d15c1fc97a69467dd67820 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Nov 2022 00:01:41 +0100 Subject: weechat-declarative: use correct _file --- krebs/5pkgs/simple/weechat-declarative/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/weechat-declarative/default.nix b/krebs/5pkgs/simple/weechat-declarative/default.nix index 5f9c8635b..7b057d41b 100644 --- a/krebs/5pkgs/simple/weechat-declarative/default.nix +++ b/krebs/5pkgs/simple/weechat-declarative/default.nix @@ -33,7 +33,7 @@ let eval = lib.evalModules { modules = lib.singleton { - _file = toString ./weechat-declarative.nix; + _file = toString ./default.nix; imports = lib.singleton config; options = { scripts = lib.mkOption { -- cgit v1.2.3 From 336caf2832d97892bd27a90881121740d57b3906 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Nov 2022 00:02:32 +0100 Subject: weechat-declarative: copy writable file into $CONFDIR --- krebs/5pkgs/simple/weechat-declarative/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/weechat-declarative/default.nix b/krebs/5pkgs/simple/weechat-declarative/default.nix index 7b057d41b..93c73761c 100644 --- a/krebs/5pkgs/simple/weechat-declarative/default.nix +++ b/krebs/5pkgs/simple/weechat-declarative/default.nix @@ -148,7 +148,8 @@ let ${lib.concatStringsSep "\n" (lib.mapAttrsToList (name: target: /* sh */ '' - ${pkgs.coreutils}/bin/ln -s ${lib.escapeShellArg target} "$CONFDIR"/${lib.escapeShellArg name} + ${pkgs.coreutils}/bin/cp ${lib.escapeShellArg target} "$CONFDIR"/${lib.escapeShellArg name} + ${pkgs.coreutils}/bin/chmod +w "$CONFDIR"/${lib.escapeShellArg name} '') cfg.files ) -- cgit v1.2.3 From a55d6f4b7f91d46fccddbabc7d8b4aad3bcd4029 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Nov 2022 00:02:53 +0100 Subject: remove broken nix-prefetch-github --- krebs/5pkgs/simple/nix-prefetch-github.nix | 25 ------------------------- 1 file changed, 25 deletions(-) delete mode 100644 krebs/5pkgs/simple/nix-prefetch-github.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/nix-prefetch-github.nix b/krebs/5pkgs/simple/nix-prefetch-github.nix deleted file mode 100644 index 14096c33f..000000000 --- a/krebs/5pkgs/simple/nix-prefetch-github.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ curl, jq, nix, writeDashBin }: - -writeDashBin "nix-prefetch-github" '' - # usage: nix-prefetch-github OWNER REPO [REF] - set -efu - - owner=$1 - repo=$2 - ref=''${3-master} - - info_url=https://api.github.com/repos/$owner/$repo/commits/$ref - info=$(${curl}/bin/curl -fsS "$info_url") - rev=$(printf %s "$info" | ${jq}/bin/jq -r .sha) - - name=$owner-$repo-$ref - url=https://github.com/$owner/$repo/tarball/$rev - sha256=$(${nix}/bin/nix-prefetch-url --name "$name" --unpack "$url") - - export owner repo rev sha256 - ${jq}/bin/jq -n ' - env | { - owner, repo, rev, sha256 - } - ' -'' -- cgit v1.2.3 From e185a086eb87c9a66ccdd53d20762862380c9bf9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Nov 2022 09:08:20 +0100 Subject: sync-containers(1): use dhcpcd, support luksfile --- krebs/3modules/sync-containers.nix | 140 +++++++++++++++++++++++++++---------- 1 file changed, 104 insertions(+), 36 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/sync-containers.nix b/krebs/3modules/sync-containers.nix index e2caa0834..60ca993e6 100644 --- a/krebs/3modules/sync-containers.nix +++ b/krebs/3modules/sync-containers.nix @@ -5,27 +5,55 @@ with import ; plain = "/var/lib/containers/${cname}/var/state"; ecryptfs = "${cfg.dataLocation}/${cname}/ecryptfs"; securefs = "${cfg.dataLocation}/${cname}/securefs"; + luksfile = "${cfg.dataLocation}/${cname}/luksfile"; + }; + init = cname: { + plain = '' + echo 'no need for init' + ''; + ecryptfs = '' + ${pkgs.ecrypt}/bin/ecrypt init ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state + ''; + securefs = '' + ${pkgs.securefs}/bin/securefs create --format 3 ${cfg.dataLocation}/${cname}/securefs + ''; + luksfile = '' + ${pkgs.coreutils}/bin/truncate -s 10G '${(paths cname).luksfile}/fs.luks' + ${pkgs.cryptsetup}/bin/cryptsetup luksFormat '${(paths cname).luksfile}/fs.luks' + ${pkgs.cryptsetup}/bin/cryptsetup luksOpen '${(paths cname).luksfile}/fs.luks' 'luksfile-${cname}' + ${pkgs.xfsprogs}/bin/mkfs.xfs '/dev/mapper/luksfile-${cname}' + ''; }; start = cname: { plain = '' : ''; ecryptfs = '' - if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then - if [ -e ${cfg.dataLocation}/${cname}/ecryptfs/.cfg.json ]; then + + if [ -e ${cfg.dataLocation}/${cname}/ecryptfs/.cfg.json ]; then + if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then ${pkgs.ecrypt}/bin/ecrypt mount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state - else - ${pkgs.ecrypt}/bin/ecrypt init ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state fi + else + echo 'please run init-${cname} first' + exit 1 fi ''; securefs = '' - ## TODO init file systems if it does not exist - # ${pkgs.securefs}/bin/securefs create --format 3 ${cfg.dataLocation}/${cname}/securefs + ## check if FS was initialized first if ! ${pkgs.mount}/bin/mount | grep -q '^securefs on /var/lib/containers/${cname}/var/state type fuse.securefs'; then ${pkgs.securefs}/bin/securefs mount ${cfg.dataLocation}/${cname}/securefs /var/lib/containers/${cname}/var/state -b -o allow_other -o default_permissions fi ''; + luksfile = '' + mkdir -p /var/lib/containers/${cname}/var/state + if ! test -e /dev/mapper/luksfile-${cname}; then + ${pkgs.cryptsetup}/bin/cryptsetup luksOpen '${(paths cname).luksfile}/fs.luks' 'luksfile-${cname}' + fi + if ! ${pkgs.mount}/bin/mount | grep -q '^/dev/mapper/luksfile-${cname} on /var/lib/containers/${cname}/var/state'; then + mount '/dev/mapper/luksfile-${cname}' '/var/lib/containers/${cname}/var/state' + fi + ''; }; stop = cname: { plain = '' @@ -37,12 +65,16 @@ with import ; securefs = '' umount /var/lib/containers/${cname}/var/state ''; + luksfile = '' + umount /var/lib/containers/${cname}/var/state + ${pkgs.cryptsetup}/bin/cryptsetup luksClose luksfile-${cname} + ''; }; in { options.krebs.sync-containers = { dataLocation = mkOption { description = '' - location where the encrypted sync-container lie around + location where the encrypted sync-containers lie around ''; default = "/var/lib/sync-containers"; type = types.absolute-pathname; @@ -64,25 +96,11 @@ in { default = []; type = types.listOf types.str; }; - hostIp = mkOption { # TODO find this automatically - description = '' - hostAddress of the privateNetwork - ''; - example = "10.233.2.15"; - type = types.str; - }; - localIp = mkOption { # TODO find this automatically - description = '' - localAddress of the privateNetwork - ''; - example = "10.233.2.16"; - type = types.str; - }; format = mkOption { description = '' file system encrption format of the container ''; - type = types.enum [ "plain" "ecryptfs" "securefs" ]; + type = types.enum [ "plain" "ecryptfs" "securefs" "luksfile" ]; }; }; })); @@ -102,12 +120,11 @@ in { ignorePerms = false; })) cfg.containers); - krebs.permown = (mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" ({ - file-mode = "u+rw"; - directory-mode = "u+rwx"; - owner = "syncthing"; - keepGoing = false; - })) cfg.containers); + krebs.acl = mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" { + "u:syncthing:rX".parents = true; + "u:syncthing:rwX" = {}; + }) cfg.containers; + systemd.services = mapAttrs' (n: ctr: nameValuePair "containers@${ctr.name}" ({ reloadIfChanged = mkForce false; @@ -116,8 +133,11 @@ in { containers = mapAttrs' (n: ctr: nameValuePair ctr.name ({ config = { ... }: { environment.systemPackages = [ + pkgs.dhcpcd pkgs.git + pkgs.jq ]; + networking.useDHCP = mkForce true; system.activationScripts.fuse = { text = '' ${pkgs.coreutils}/bin/mknod /dev/fuse c 10 229 @@ -131,11 +151,57 @@ in { autoStart = false; enableTun = true; privateNetwork = true; - hostAddress = ctr.hostIp; - localAddress = ctr.localIp; + hostBridge = "ctr0"; })) cfg.containers; - environment.systemPackages = flatten (mapAttrsToList (n: ctr: [ + networking.networkmanager.unmanaged = [ "ctr0" ]; + networking.bridges.ctr0.interfaces = []; + networking.interfaces.ctr0.ipv4.addresses = [{ + address = "10.233.0.1"; + prefixLength = 24; + }]; + # networking.nat = { + # enable = true; + # externalInterface = lib.mkDefault "et0"; + # internalInterfaces = [ "ctr0" ]; + # }; + services.dhcpd4 = { + enable = true; + interfaces = [ "ctr0" ]; + extraConfig = '' + option subnet-mask 255.255.255.0; + option routers 10.233.0.1; + # option domain-name-servers 8.8.8.8; # TODO configure dns server + subnet 10.233.0.0 netmask 255.255.255.0 { + range 10.233.0.10 10.233.0.250; + } + ''; + }; + + users.users.root.packages = flatten (mapAttrsToList (n: ctr: [ + (pkgs.writeDashBin "init-${ctr.name}" '' + set -euf + set -x + + mkdir -p /var/lib/containers/${ctr.name}/var/state + STATE=$(/run/current-system/sw/bin/nixos-container status ${ctr.name}) + if [ "$STATE" = 'up' ]; then + /run/current-system/sw/bin/nixos-container stop ${ctr.name} + fi + ${(init ctr.name).${ctr.format}} + ${(start ctr.name).${ctr.format}} + /run/current-system/sw/bin/nixos-container start ${ctr.name} + /run/current-system/sw/bin/nixos-container run ${ctr.name} -- ${pkgs.writeDash "deploy-${ctr.name}" '' + set -x + + mkdir -p /var/state/var_src + ln -sfTr /var/state/var_src /var/src + touch /etc/NIXOS + ''} + target_ip=$(/run/current-system/sw/bin/nixos-container run ${ctr.name} -- ip -j a s eth0 | jq -r '.[].addr_info[] | select(.family=="inet") | .local') + + echo "deploy to $target_ip" + '') (pkgs.writeDashBin "start-${ctr.name}" '' set -euf set -x @@ -144,12 +210,12 @@ in { ${(start ctr.name).${ctr.format}} - STATE=$(${pkgs.nixos-container}/bin/nixos-container status ${ctr.name}) + STATE=$(/run/current-system/sw/bin/nixos-container status ${ctr.name}) if [ "$STATE" = 'down' ]; then - ${pkgs.nixos-container}/bin/nixos-container start ${ctr.name} + /run/current-system/sw/bin/nixos-container start ${ctr.name} fi - ${pkgs.nixos-container}/bin/nixos-container run ${ctr.name} -- ${pkgs.writeDash "deploy-${ctr.name}" '' + /run/current-system/sw/bin/nixos-container run ${ctr.name} -- ${pkgs.writeDash "deploy-${ctr.name}" '' set -x mkdir -p /var/state/var_src @@ -158,15 +224,17 @@ in { ''} if [ -h /var/lib/containers/${ctr.name}/var/src/nixos-config ] && (! ping -c1 -q -w5 ${ctr.name}.r); then - ${pkgs.nixos-container}/bin/nixos-container run ${ctr.name} -- nixos-rebuild -I /var/src switch + /run/current-system/sw/bin/nixos-container run ${ctr.name} -- nixos-rebuild -I /var/src switch else + echo 'no nixos config, or target already online, bailing out' ${(stop ctr.name).${ctr.format}} + /run/current-system/sw/bin/nixos-container stop ${ctr.name} fi '') (pkgs.writeDashBin "stop-${ctr.name}" '' set -euf - ${pkgs.nixos-container}/bin/nixos-container stop ${ctr.name} + /run/current-system/sw/bin/nixos-container stop ${ctr.name} ${(stop ctr.name).${ctr.format}} '') ]) cfg.containers); -- cgit v1.2.3 From 8f4dd6fb595bb14be37fd69320bad4aa9a51a9db Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Nov 2022 09:17:56 +0100 Subject: ci: raise timeout to 1h --- krebs/3modules/ci/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/ci/default.nix b/krebs/3modules/ci/default.nix index 0f85b27c0..022da5884 100644 --- a/krebs/3modules/ci/default.nix +++ b/krebs/3modules/ci/default.nix @@ -115,6 +115,7 @@ let build_name = stage, build_script = stages[stage], ), + timeout = 3600, command="${pkgs.writeDash "build.sh" '' set -xefu profile=${shell.escape profileRoot}/$build_name -- cgit v1.2.3 From 618185c6f8936a6f70509be554704418e8471477 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Nov 2022 10:44:06 +0100 Subject: stable-generate: activate repair faces --- krebs/5pkgs/simple/stable-generate/default.nix | 41 +++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stable-generate/default.nix b/krebs/5pkgs/simple/stable-generate/default.nix index 23e4cfc8e..c30fa2cfa 100644 --- a/krebs/5pkgs/simple/stable-generate/default.nix +++ b/krebs/5pkgs/simple/stable-generate/default.nix @@ -10,7 +10,46 @@ pkgs.writers.writeDashBin "stable-generate" '' STABLE_URL=''${STABLE_URL:-http://stable-confusion.r} - PAYLOAD=$(jq -cn --arg query "$*" '{fn_index: 51, data: [$query,"","None","None",20,"Euler a",false,false,1,1,7,-1,-1,0,0,0,false,512,512,false,0.7,0,0,"None","",false,false,false,"","Seed","","Nothing","",true,false,false,null,"",""], session_hash: "hello_this_is_dog"}') + PAYLOAD=$(jq -cn --arg query "$*" '{fn_index: 51, data: [ + $query, + "", + "None", + "None", + 20, + "Euler a", + false, # restore faces + false, + 1, + 1, + 7, + -1, + -1, + 0, + 0, + 0, + false, + 512, #probably resolution + 512, #probably resolution + false, + 0.7, + 0, + 0, + "None", + "", + false, + false, + false, + "", + "Seed", + "", + "Nothing", + "", + true, + false, + false, + null, + "", + ""], session_hash: "hello_this_is_dog"}') data=$(curl -Ssf "$STABLE_URL/run/predict/" \ -X POST \ -- cgit v1.2.3 From fef385511d07c1ea5be1eae4fd8dd7eba563ab2c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Nov 2022 10:47:32 +0100 Subject: stable-generate: add more comments --- krebs/5pkgs/simple/stable-generate/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stable-generate/default.nix b/krebs/5pkgs/simple/stable-generate/default.nix index c30fa2cfa..fac261613 100644 --- a/krebs/5pkgs/simple/stable-generate/default.nix +++ b/krebs/5pkgs/simple/stable-generate/default.nix @@ -15,8 +15,8 @@ pkgs.writers.writeDashBin "stable-generate" '' "", "None", "None", - 20, - "Euler a", + 20, # sampling steps + "Euler a", # sampling method false, # restore faces false, 1, -- cgit v1.2.3